Security
Headlines
HeadlinesLatestCVEs

Headline

Red Hat Security Advisory 2023-3625-01

Red Hat Security Advisory 2023-3625-01 - Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.62. Issues addressed include bypass, cross site request forgery, cross site scripting, and denial of service vulnerabilities.

Packet Storm
#xss#csrf#vulnerability#web#red_hat#dos#redis#git#kubernetes#rpm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Important: OpenShift Container Platform 4.10.62 security update
Advisory ID: RHSA-2023:3625-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2023:3625
Issue date: 2023-06-23
CVE Names: CVE-2022-41966 CVE-2023-20860 CVE-2023-32977
CVE-2023-32979 CVE-2023-32980 CVE-2023-32981
=====================================================================

  1. Summary:

Red Hat OpenShift Container Platform release 4.10.62 is now available with
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat OpenShift Container Platform 4.10 - aarch64, noarch, ppc64le, s390x, x86_64

  1. Description:

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.10.62. See the following advisory for the container images for
this release:

https://access.redhat.com/errata/RHSA-2023:3626

Security Fix(es):

  • xstream: Denial of Service by injecting recursive collections or maps
    based on element’s hash values raising a stack overflow (CVE-2022-41966)

  • springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern
    (CVE-2023-20860)

  • jenkins-2-plugin: workflow-job: Stored XSS vulnerability in Pipeline: Job
    Plugin (CVE-2023-32977)

  • jenkins-2-plugin: email-ext: Missing permission check in Email Extension
    Plugin (CVE-2023-32979)

  • jenkins-2-plugin: email-ext: CSRF vulnerability in Email Extension Plugin
    (CVE-2023-32980)

  • jenkins-2-plugin: pipeline-utility-steps: Arbitrary file write
    vulnerability on agents in Pipeline Utility Steps Plugin (CVE-2023-32981)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

All OpenShift Container Platform 4.10 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift CLI (oc)
or web console. Instructions for upgrading a cluster are available at
https://docs.openshift.com/container-platform/4.10/updating/updating-cluster-cli.html

  1. Solution:

For OpenShift Container Platform 4.10 see the following documentation,
which will be updated shortly for this release, for important instructions
on how to upgrade your cluster and fully apply this asynchronous errata
update:

https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html

  1. Bugs fixed (https://bugzilla.redhat.com/):

2170431 - CVE-2022-41966 xstream: Denial of Service by injecting recursive collections or maps based on element’s hash values raising a stack overflow
2180528 - CVE-2023-20860 springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern
2207830 - CVE-2023-32977 jenkins-2-plugin: workflow-job: Stored XSS vulnerability in Pipeline: Job Plugin
2207831 - CVE-2023-32979 jenkins-2-plugin: email-ext: Missing permission check in Email Extension Plugin
2207833 - CVE-2023-32980 jenkins-2-plugin: email-ext: CSRF vulnerability in Email Extension Plugin
2207835 - CVE-2023-32981 jenkins-2-plugin: pipeline-utility-steps: Arbitrary file write vulnerability on agents in Pipeline Utility Steps Plugin

  1. Package List:

Red Hat OpenShift Container Platform 4.10:

Source:
cri-o-1.23.5-16.rhaos4.10.gitbb2cc9a.el7.src.rpm
openshift-4.10.0-202306081029.p0.g16bcd69.assembly.stream.el7.src.rpm
openshift-ansible-4.10.0-202306081029.p0.g72c7be6.assembly.stream.el7.src.rpm
openshift-clients-4.10.0-202306081029.p0.g3a7500d.assembly.stream.el7.src.rpm

noarch:
openshift-ansible-4.10.0-202306081029.p0.g72c7be6.assembly.stream.el7.noarch.rpm
openshift-ansible-test-4.10.0-202306081029.p0.g72c7be6.assembly.stream.el7.noarch.rpm

x86_64:
cri-o-1.23.5-16.rhaos4.10.gitbb2cc9a.el7.x86_64.rpm
cri-o-debuginfo-1.23.5-16.rhaos4.10.gitbb2cc9a.el7.x86_64.rpm
openshift-clients-4.10.0-202306081029.p0.g3a7500d.assembly.stream.el7.x86_64.rpm
openshift-clients-redistributable-4.10.0-202306081029.p0.g3a7500d.assembly.stream.el7.x86_64.rpm
openshift-hyperkube-4.10.0-202306081029.p0.g16bcd69.assembly.stream.el7.x86_64.rpm

Red Hat OpenShift Container Platform 4.10:

Source:
cri-o-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.src.rpm
jenkins-2-plugins-4.10.1685679861-1.el8.src.rpm
jenkins-2.401.1.1685677065-1.el8.src.rpm
kernel-4.18.0-305.93.1.el8_4.src.rpm
kernel-rt-4.18.0-305.93.1.rt7.168.el8_4.src.rpm
openshift-4.10.0-202306081029.p0.g16bcd69.assembly.stream.el8.src.rpm
openshift-ansible-4.10.0-202306081029.p0.g72c7be6.assembly.stream.el8.src.rpm
openshift-clients-4.10.0-202306081029.p0.g3a7500d.assembly.stream.el8.src.rpm

aarch64:
bpftool-4.18.0-305.93.1.el8_4.aarch64.rpm
bpftool-debuginfo-4.18.0-305.93.1.el8_4.aarch64.rpm
cri-o-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.aarch64.rpm
cri-o-debuginfo-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.aarch64.rpm
cri-o-debugsource-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.aarch64.rpm
kernel-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-core-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-cross-headers-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-debug-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-debug-core-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-debug-devel-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-debug-modules-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-debug-modules-extra-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-debug-modules-internal-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-debuginfo-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-devel-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-headers-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-modules-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-modules-extra-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-modules-internal-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-selftests-internal-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-tools-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-tools-libs-4.18.0-305.93.1.el8_4.aarch64.rpm
kernel-tools-libs-devel-4.18.0-305.93.1.el8_4.aarch64.rpm
openshift-clients-4.10.0-202306081029.p0.g3a7500d.assembly.stream.el8.aarch64.rpm
openshift-hyperkube-4.10.0-202306081029.p0.g16bcd69.assembly.stream.el8.aarch64.rpm
perf-4.18.0-305.93.1.el8_4.aarch64.rpm
perf-debuginfo-4.18.0-305.93.1.el8_4.aarch64.rpm
python3-perf-4.18.0-305.93.1.el8_4.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.93.1.el8_4.aarch64.rpm

noarch:
jenkins-2-plugins-4.10.1685679861-1.el8.noarch.rpm
jenkins-2.401.1.1685677065-1.el8.noarch.rpm
kernel-doc-4.18.0-305.93.1.el8_4.noarch.rpm
openshift-ansible-4.10.0-202306081029.p0.g72c7be6.assembly.stream.el8.noarch.rpm
openshift-ansible-test-4.10.0-202306081029.p0.g72c7be6.assembly.stream.el8.noarch.rpm

ppc64le:
bpftool-4.18.0-305.93.1.el8_4.ppc64le.rpm
bpftool-debuginfo-4.18.0-305.93.1.el8_4.ppc64le.rpm
cri-o-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.ppc64le.rpm
cri-o-debuginfo-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.ppc64le.rpm
cri-o-debugsource-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.ppc64le.rpm
kernel-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-core-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-cross-headers-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-debug-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-debug-core-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-debug-devel-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-debug-modules-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-debug-modules-internal-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-debuginfo-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-devel-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-headers-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-ipaclones-internal-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-modules-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-modules-extra-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-modules-internal-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-selftests-internal-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-tools-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-tools-libs-4.18.0-305.93.1.el8_4.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-305.93.1.el8_4.ppc64le.rpm
openshift-clients-4.10.0-202306081029.p0.g3a7500d.assembly.stream.el8.ppc64le.rpm
openshift-hyperkube-4.10.0-202306081029.p0.g16bcd69.assembly.stream.el8.ppc64le.rpm
perf-4.18.0-305.93.1.el8_4.ppc64le.rpm
perf-debuginfo-4.18.0-305.93.1.el8_4.ppc64le.rpm
python3-perf-4.18.0-305.93.1.el8_4.ppc64le.rpm
python3-perf-debuginfo-4.18.0-305.93.1.el8_4.ppc64le.rpm

s390x:
bpftool-4.18.0-305.93.1.el8_4.s390x.rpm
bpftool-debuginfo-4.18.0-305.93.1.el8_4.s390x.rpm
cri-o-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.s390x.rpm
cri-o-debuginfo-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.s390x.rpm
cri-o-debugsource-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.s390x.rpm
kernel-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-core-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-cross-headers-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-debug-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-debug-core-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-debug-debuginfo-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-debug-devel-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-debug-modules-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-debug-modules-extra-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-debug-modules-internal-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-debuginfo-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-devel-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-headers-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-modules-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-modules-extra-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-modules-internal-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-selftests-internal-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-tools-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-tools-debuginfo-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-zfcpdump-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-zfcpdump-core-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-zfcpdump-devel-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-zfcpdump-modules-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-305.93.1.el8_4.s390x.rpm
kernel-zfcpdump-modules-internal-4.18.0-305.93.1.el8_4.s390x.rpm
openshift-clients-4.10.0-202306081029.p0.g3a7500d.assembly.stream.el8.s390x.rpm
openshift-hyperkube-4.10.0-202306081029.p0.g16bcd69.assembly.stream.el8.s390x.rpm
perf-4.18.0-305.93.1.el8_4.s390x.rpm
perf-debuginfo-4.18.0-305.93.1.el8_4.s390x.rpm
python3-perf-4.18.0-305.93.1.el8_4.s390x.rpm
python3-perf-debuginfo-4.18.0-305.93.1.el8_4.s390x.rpm

x86_64:
bpftool-4.18.0-305.93.1.el8_4.x86_64.rpm
bpftool-debuginfo-4.18.0-305.93.1.el8_4.x86_64.rpm
cri-o-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.x86_64.rpm
cri-o-debuginfo-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.x86_64.rpm
cri-o-debugsource-1.23.5-16.rhaos4.10.gitbb2cc9a.el8.x86_64.rpm
kernel-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-core-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-cross-headers-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-debug-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-debug-core-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-debug-debuginfo-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-debug-devel-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-debug-modules-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-debug-modules-extra-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-debug-modules-internal-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-debuginfo-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-devel-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-headers-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-ipaclones-internal-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-modules-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-modules-extra-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-modules-internal-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-rt-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-core-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-debug-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-debug-core-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-debug-devel-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-debug-modules-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-debug-modules-internal-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-debuginfo-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-devel-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-kvm-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-modules-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-modules-extra-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-modules-internal-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-rt-selftests-internal-4.18.0-305.93.1.rt7.168.el8_4.x86_64.rpm
kernel-selftests-internal-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-tools-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-tools-debuginfo-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-tools-libs-4.18.0-305.93.1.el8_4.x86_64.rpm
kernel-tools-libs-devel-4.18.0-305.93.1.el8_4.x86_64.rpm
openshift-clients-4.10.0-202306081029.p0.g3a7500d.assembly.stream.el8.x86_64.rpm
openshift-clients-redistributable-4.10.0-202306081029.p0.g3a7500d.assembly.stream.el8.x86_64.rpm
openshift-hyperkube-4.10.0-202306081029.p0.g16bcd69.assembly.stream.el8.x86_64.rpm
perf-4.18.0-305.93.1.el8_4.x86_64.rpm
perf-debuginfo-4.18.0-305.93.1.el8_4.x86_64.rpm
python3-perf-4.18.0-305.93.1.el8_4.x86_64.rpm
python3-perf-debuginfo-4.18.0-305.93.1.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2022-41966
https://access.redhat.com/security/cve/CVE-2023-20860
https://access.redhat.com/security/cve/CVE-2023-32977
https://access.redhat.com/security/cve/CVE-2023-32979
https://access.redhat.com/security/cve/CVE-2023-32980
https://access.redhat.com/security/cve/CVE-2023-32981
https://access.redhat.com/security/updates/classification/#important
https://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html

  1. Contact:

The Red Hat security contact is [email protected]. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBZJYTh9zjgjWX9erEAQh4mQ//XdFhFaXf/s5HOqOrjdm7tTJNHJ/C8tqG
SxPUy+Eto4VtDbN/oET9uSy/a7c5LteR1YXwAkfSQZwlPPE/4Ok94nmEzXl4LVx4
j+zwcIWsC3+WPTPzslf4tgljD+BfO43xXUyHahOGpUUFnYJ1R7mtBmgYx9qiiZ63
AO2QgJbcsvKv4mTeHrGQK4ALqe47zsDW88IxA9ki+e9jxhy1tZwNjt8Z8rcJLesI
jbmQCsPtWuJCddlzNcUpGYa8bWq5tLvHTzAprqjJMb8HwiMmLOWCAeorJYBVdhfZ
5d0VpBxpWJv7WVWHzu7SObOsLXmcLU90uqTyKgkbp6OXTnj1O0fKde6EL7ISgr2Q
qL5rjkL/01Gy2Iv2cyHRHIHCFEXtdbHOXdpwA7H5TysR35HRdb6iSUQK+5KdNgay
3NAcfCxSmyF8Pq3P3sDY3YG7fYv/Xom3GO0oqqJHmP/AU4TbdnTGTl5fT7ZeQQxH
09vF8z2myZl1Sr9njAGOvLTrJ21B8/mMJp8upfV7wqaPGHqyA4S0KydkDyzGwcQ5
h+QzoekXuzTKBjjI7ZqZrwoZquIWgwL9IRxlejQLtgnnmEnBu/kbUtbrgB7PGMXW
HLnn87J8Xk+VI59y8dV0EctvOl9ZLv3smbT6GKdBGYa56Np+yRIjQRYJ511GZihw
+M8bdNZNn+k=
=E1Cz
-----END PGP SIGNATURE-----

RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Related news

Red Hat Security Advisory 2024-1353-03

Red Hat Security Advisory 2024-1353-03 - An update is now available for Red Hat Process Automation Manager. Issues addressed include code execution, denial of service, and deserialization vulnerabilities.

CVE-2023-22130: Oracle Critical Patch Update Advisory - October 2023

Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

RHSA-2023:4983: Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.4 security update

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which provides a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-30129: A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0 * CVE-2022-3171: A parsing issue with binary data in protobuf-java core and...

Red Hat Security Advisory 2023-4612-01

Red Hat Security Advisory 2023-4612-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.7.13 serves as a replacement for Red Hat support for Spring Boot 2.7.12, and includes security, bug fixes and enhancements. For more information, see the release notes linked in the References section. Issues addressed include bypass, code execution, denial of service, and deserialization vulnerabilities.

RHSA-2023:4612: Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.13 security update

An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46877: A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. * CVE-2022-1471: A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malici...

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

Red Hat Security Advisory 2023-3954-01

Red Hat Security Advisory 2023-3954-01 - This release of Red Hat Fuse 7.12 serves as a replacement for Red Hat Fuse 7.11 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References. Issues addressed include bypass, code execution, denial of service, information leakage, resource exhaustion, server-side request forgery, and traversal vulnerabilities.

RHSA-2023:3954: Red Hat Security Advisory: Red Hat Fuse 7.12 release and security update

A minor version update (from 7.11 to 7.12) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2012-5783: It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or su...

RHSA-2023:3625: Red Hat Security Advisory: OpenShift Container Platform 4.10.62 security update

Red Hat OpenShift Container Platform release 4.10.62 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41966: A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow. * CVE-2023-20860: A flaw was found in Spring Framework. In this issue, a security bypass is possibl...

RHSA-2023:3625: Red Hat Security Advisory: OpenShift Container Platform 4.10.62 security update

Red Hat OpenShift Container Platform release 4.10.62 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41966: A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow. * CVE-2023-20860: A flaw was found in Spring Framework. In this issue, a security bypass is possibl...

RHSA-2023:3771: Red Hat Security Advisory: Red Hat Virtualization security and bug fix update

An update is now available for Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8, Red Hat Virtualization 4 for Red Hat Enterprise Linux 8, and Red Hat Virtualization Engine 4.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20860: A flaw was found in Spring Framework. In this issue, a security bypass is possible due to the behavior of the wildcard pattern. * CVE-2023-20861: A flaw found was found in Spring Framework. This flaw allows a malicious user to u...

RHSA-2023:3663: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2048: A flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a denial of service in the server via HTTP/2 requests. * CVE-2022-22976: A flaw was found in Spring Framework. The encoder does not perform any salt rounds when using the BCrypt class with the maximum wo...

Red Hat Security Advisory 2023-3622-01

Red Hat Security Advisory 2023-3622-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, code execution, cross site request forgery, denial of service, information leakage, insecure permissions, and resource exhaustion vulnerabilities.

Red Hat Security Advisory 2023-3610-01

Red Hat Security Advisory 2023-3610-01 - Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, memory exhaustion, and resource exhaustion vulnerabilities.

RHSA-2023:3622: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-29599: A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack. * CVE-2022-30953: A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.25.3 and earlier allows attackers to connect to an...

RHSA-2023:3610: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46877: A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. * CVE-2022-29599: A flaw was found in the maven-shared-utils package. This issue allows a Command...

RHSA-2023:3185: Red Hat Security Advisory: Red Hat AMQ Broker 7.10.3 release and security update

Red Hat AMQ Broker 7.10.3 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3782: A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wil...

CVE-2023-2633: Jenkins Security Advisory 2023-05-16

Jenkins Code Dx Plugin 3.1.0 and earlier does not mask Code Dx server API keys displayed on the configuration form, increasing the potential for attackers to observe and capture them.

CVE-2023-2633: Jenkins Security Advisory 2023-05-16

Jenkins Code Dx Plugin 3.1.0 and earlier does not mask Code Dx server API keys displayed on the configuration form, increasing the potential for attackers to observe and capture them.

CVE-2023-2633: Jenkins Security Advisory 2023-05-16

Jenkins Code Dx Plugin 3.1.0 and earlier does not mask Code Dx server API keys displayed on the configuration form, increasing the potential for attackers to observe and capture them.

CVE-2023-2633: Jenkins Security Advisory 2023-05-16

Jenkins Code Dx Plugin 3.1.0 and earlier does not mask Code Dx server API keys displayed on the configuration form, increasing the potential for attackers to observe and capture them.

CVE-2023-33007: Jenkins Security Advisory 2023-05-16

Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

CVE-2023-32992: Jenkins Security Advisory 2023-05-16

Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML.

CVE-2023-32996: Jenkins Security Advisory 2023-05-16

A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.

CVE-2023-32994: Jenkins Security Advisory 2023-05-16

Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections.

CVE-2023-33004: Jenkins Security Advisory 2023-05-16

A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics.

CVE-2023-33007: Jenkins Security Advisory 2023-05-16

Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

CVE-2023-32994: Jenkins Security Advisory 2023-05-16

Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections.

CVE-2023-32992: Jenkins Security Advisory 2023-05-16

Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML.

CVE-2023-33007: Jenkins Security Advisory 2023-05-16

Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

CVE-2023-33007: Jenkins Security Advisory 2023-05-16

Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

CVE-2023-32996: Jenkins Security Advisory 2023-05-16

A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.

CVE-2023-32992: Jenkins Security Advisory 2023-05-16

Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML.

CVE-2023-32994: Jenkins Security Advisory 2023-05-16

Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections.

CVE-2023-32992: Jenkins Security Advisory 2023-05-16

Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML.

CVE-2023-33004: Jenkins Security Advisory 2023-05-16

A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics.

CVE-2023-33004: Jenkins Security Advisory 2023-05-16

A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics.

CVE-2023-32994: Jenkins Security Advisory 2023-05-16

Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections.

CVE-2023-33004: Jenkins Security Advisory 2023-05-16

A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics.

CVE-2023-32996: Jenkins Security Advisory 2023-05-16

A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.

CVE-2023-32996: Jenkins Security Advisory 2023-05-16

A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.

CVE-2023-32981: Jenkins Security Advisory 2023-05-16

An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content.

CVE-2023-32978: Jenkins Security Advisory 2023-05-16

A cross-site request forgery (CSRF) vulnerability in Jenkins LDAP Plugin 673.v034ec70ec2b_b_ and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials.

CVE-2023-32985: Jenkins Security Advisory 2023-05-16

Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.

CVE-2023-32986: Jenkins Security Advisory 2023-05-16

Jenkins File Parameter Plugin 285.v757c5b_67a_c25 and earlier does not restrict the name (and resulting uploaded file name) of Stashed File Parameters, allowing attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.

CVE-2023-32978: Jenkins Security Advisory 2023-05-16

A cross-site request forgery (CSRF) vulnerability in Jenkins LDAP Plugin 673.v034ec70ec2b_b_ and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials.

CVE-2023-32978: Jenkins Security Advisory 2023-05-16

A cross-site request forgery (CSRF) vulnerability in Jenkins LDAP Plugin 673.v034ec70ec2b_b_ and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials.

CVE-2023-32981: Jenkins Security Advisory 2023-05-16

An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content.

CVE-2023-32981: Jenkins Security Advisory 2023-05-16

An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content.

CVE-2023-32985: Jenkins Security Advisory 2023-05-16

Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.

CVE-2023-32985: Jenkins Security Advisory 2023-05-16

Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.

CVE-2023-32981: Jenkins Security Advisory 2023-05-16

An arbitrary file write vulnerability in Jenkins Pipeline Utility Steps Plugin 2.15.2 and earlier allows attackers able to provide crafted archives as parameters to create or replace arbitrary files on the agent file system with attacker-specified content.

CVE-2023-32986: Jenkins Security Advisory 2023-05-16

Jenkins File Parameter Plugin 285.v757c5b_67a_c25 and earlier does not restrict the name (and resulting uploaded file name) of Stashed File Parameters, allowing attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.

CVE-2023-32986: Jenkins Security Advisory 2023-05-16

Jenkins File Parameter Plugin 285.v757c5b_67a_c25 and earlier does not restrict the name (and resulting uploaded file name) of Stashed File Parameters, allowing attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.

CVE-2023-32986: Jenkins Security Advisory 2023-05-16

Jenkins File Parameter Plugin 285.v757c5b_67a_c25 and earlier does not restrict the name (and resulting uploaded file name) of Stashed File Parameters, allowing attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content.

CVE-2023-32985: Jenkins Security Advisory 2023-05-16

Jenkins Sidebar Link Plugin 2.2.1 and earlier does not restrict the path of files in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.

CVE-2023-32978: Jenkins Security Advisory 2023-05-16

A cross-site request forgery (CSRF) vulnerability in Jenkins LDAP Plugin 673.v034ec70ec2b_b_ and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials.

RHSA-2023:2100: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 security update

Red Hat Integration Camel for Spring Boot 3.20.1 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-37533: A flaw was found in Apache Commons Net's FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of information about service...

RHSA-2023:2100: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 security update

Red Hat Integration Camel for Spring Boot 3.20.1 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-37533: A flaw was found in Apache Commons Net's FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of information about service...

Red Hat Security Advisory 2023-2041-01

Red Hat Security Advisory 2023-2041-01 - Migration Toolkit for Applications 6.1.0 Images. Issues addressed include denial of service, privilege escalation, server-side request forgery, and traversal vulnerabilities.

CVE-2023-20860: CVE-2023-20860: Security Bypass With Un-Prefixed Double Wildcard Pattern

Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass.

Red Hat Security Advisory 2023-1286-01

Red Hat Security Advisory 2023-1286-01 - Migration Toolkit for Runtimes 1.0.2 Images. Issues addressed include denial of service, privilege escalation, and server-side request forgery vulnerabilities.

RHSA-2023:1286: Red Hat Security Advisory: Migration Toolkit for Runtimes security bug fix and enhancement update

Migration Toolkit for Runtimes 1.0.2 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-31690: A flaw was found in the Spring Security framework. Spring Security could allow a remote attacker to gain elevated privileges on the system. By modifying a request initiated by the Client (via the browser) to the Authorization Server, an attacker can gain elevated privileges on the system. * CVE-2022-41966: A flaw was found in the xstream package. This flaw allows an atta...

Ubuntu Security Notice USN-5946-1

Ubuntu Security Notice 5946-1 - Lai Han discovered that XStream incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that XStream incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

Red Hat Security Advisory 2023-1177-01

Red Hat Security Advisory 2023-1177-01 - A security update for Red Hat Integration Camel Extensions for Quarkus 2.7-1 is now available. Issues addressed include denial of service and information leakage vulnerabilities.

RHSA-2023:1006: Red Hat Security Advisory: Red Hat build of Quarkus 2.7.7 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1471: A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE). * CVE-2022-3171: A parsing issue with binary data in protobuf-java core an...

GHSA-j563-grx4-pjpv: XStream can cause Denial of Service via stack overflow

### Impact The vulnerability may allow a remote attacker to terminate the application with a stack overflow error resulting in a denial of service only by manipulating the processed input stream. ### Patches XStream 1.4.20 handles the stack overflow and raises an InputManipulationException instead. ### Workarounds The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. Following types of the Java runtime are affected: - java.util.HashMap - java.util.HashSet - java.util.Hashtable - java.util.LinkedHashMap - java.util.LinkedHashSet - Other third party collection implementations that use their element's hash code may also be affected A simple solution is to catch the StackOverflowError in the client code calling XStream. If your object graph does not use referenced elements at all, you may simply set the NO_REFERENCE mode: ```Java XStream xstream = new XStream(); xstream.setMode(XStream.NO_REFERENCES); ``` I...

CVE-2022-41966: XStream - CVE-2022-41966

XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This issue is patched in version 1.4.20 which handles the stack overflow and raises an InputManipulationException instead. A potential workaround for users who only use HashMap or HashSet and whose XML refers these only as default map or set, is to change the default implementation of java.util.Map and java.util per the code example in the referenced advisory. However, this implies that your application does not care about the implementation of the map and all elements are comparable.

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution